The war between data defenders and data thieves has been described as a cat-and-mouse game. As soon as the white hats counter one form of black-hat malicious behavior, another malevolent form rears its ugly head. How can the playing field be tilted in favor of the infosec warriors? Here are some of the most popular technologies that can help do that.
- Hardware authentication
The inadequacies of usernames and passwords are well known. Clearly, a more secure form of authentication is needed. One method is to bake authentication into a user’s hardware. Intel has built on previous efforts to dedicate a portion of the chipset to security functions, making the device part of the authentication process. Good authentication requires three things from users: what they know, such as a password; who they are, such as a username; and what they have, such as a token. In the case of Authenticate, the device becomes the what-you-have. Hardware authentication can be particularly important for the Internet of Things (IoT), where a network wants to ensure that the thing trying to gain access to it is something that should have access to it.
- Cloud access security brokers
Software as a Service (SaaS) apps, increasingly pervasive in enterprises, present new challenges to security teams because of their limited visibility and control options. Cloud access security brokers (CASBs) give chief information security officers an opportunity to apply enterprise security policies across multiple cloud services.
- User-behavior analytics
Once someone’s username and password are compromised, whoever has them can waltz onto a network and engage in all kinds of malicious behavior. That behavior can trigger a red flag to system defenders if they are employing user behavior analytics (UBA). The technology uses big data analytics to identify anomalous behavior by a user. UBA can also be a valuable tool for training employees in better security practices. One of the biggest problems in a company is employees not following company policy. Being able to identify those people and mitigate that risk by training them properly is critical.
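The idea of flagging a valid login that does not look like its owner can be shown with a small rarity score. This is an added example, not code from the original article or any UBA product; the event fields, the 6-hour buckets, the add-one smoothing and the threshold of 6.0 bits are all assumptions chosen for illustration.

```python
import math
from collections import Counter, defaultdict

FEATURES = ("hour_bucket", "country", "host")

def features(event):
    # 6-hour buckets, so 09:00 and 11:00 logins count as the same habit.
    return {"hour_bucket": event["hour"] // 6,
            "country": event["country"],
            "host": event["host"]}

def build_profiles(history):
    """Count, per user, how often each feature value was seen."""
    profiles = defaultdict(lambda: {f: Counter() for f in FEATURES})
    for event in history:
        for name, value in features(event).items():
            profiles[event["user"]][name][value] += 1
    return dict(profiles)

def surprise(profiles, event):
    """Sum of -log2 P(value | this user's history), add-one smoothed.
    Returns None when the user has no baseline to compare against."""
    profile = profiles.get(event["user"])
    if profile is None:
        return None
    bits = 0.0
    for name, value in features(event).items():
        counts = profile[name]
        seen = sum(counts.values())
        p = (counts[value] + 1) / (seen + len(counts) + 1)
        bits += -math.log2(p)
    return bits

def is_anomalous(profiles, event, threshold=6.0):
    # threshold is an assumed value; tune it against real baselines.
    score = surprise(profiles, event)
    return score is not None and score > threshold

# Constructed sample data: eight ordinary logins for one user.
HISTORY = [{"user": "alice", "hour": h, "country": "US", "host": "wks-alice"}
           for h in (9, 10, 9, 11, 10, 9, 10, 11)]
PROFILES = build_profiles(HISTORY)
USUAL = {"user": "alice", "hour": 10, "country": "US", "host": "wks-alice"}
ODD = {"user": "alice", "hour": 3, "country": "BR", "host": "srv-db01"}

if __name__ == "__main__":
    for event in (USUAL, ODD):
        print(event, round(surprise(PROFILES, event), 2), is_anomalous(PROFILES, event))
```

A single unfamiliar feature (for example a new host during normal hours from the usual country) stays below the threshold here, so the score only fires when several habits change at once.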
- Data loss prevention
A key to data loss prevention is technologies such as encryption and tokenization. They can protect data down to the field and subfield level, which can benefit an enterprise in a number of ways:
- Cyber-attackers cannot monetize data in the event of a successful breach.
- Data can be securely moved and used across the extended enterprise — business processes and analytics can be performed on the data in its protected form, dramatically reducing exposure and risk.
- The enterprise can be greatly aided in compliance with data privacy and security regulations for protection of payment card information (PCI), personally identifiable information (PII) and protected health information (PHI).
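To make the "analytics on data in its protected form" point concrete, the sketch below tokenizes a card number and an e-mail field and then totals spend per card using only the tokens. It is an added example, not code from the original article: it uses a keyed HMAC as a stand-in for a tokenization service, and the key, field names and records are constructed (the card numbers are the usual public test numbers).

```python
import hashlib
import hmac
from collections import defaultdict

# Assumption: in practice the key would be held in an HSM or KMS.
KEY = b"constructed-demo-key"

def token(value, key=KEY):
    """Deterministic keyed token: equal inputs give equal tokens."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:16]

def protect_pan(pan, key=KEY):
    """Subfield-level protection: tokenize the card number but keep
    the last four digits readable for receipts and support."""
    digits = "".join(ch for ch in pan if ch.isdigit())
    return f"tok_{token(digits, key)}_{digits[-4:]}"

def protect_record(rec, key=KEY):
    """Field-level protection: sensitive fields replaced, amount kept."""
    out = dict(rec)
    out["pan"] = protect_pan(rec["pan"], key)
    out["email"] = "tok_" + token(rec["email"].lower(), key)
    return out

def spend_per_card(records):
    """Analytics that needs only equality of the card field."""
    totals = defaultdict(int)
    for rec in records:
        totals[rec["pan"]] += rec["amount_cents"]
    return dict(totals)

# Constructed sample records.
RECORDS = [
    {"pan": "4111 1111 1111 1111", "email": "a@example.com", "amount_cents": 1250},
    {"pan": "5500 0000 0000 0004", "email": "b@example.com", "amount_cents": 9900},
    {"pan": "4111111111111111", "email": "A@example.com", "amount_cents": 300},
]
PROTECTED = [protect_record(r) for r in RECORDS]

if __name__ == "__main__":
    for card, cents in spend_per_card(PROTECTED).items():
        print(card, cents)
```

Deterministic tokens preserve equality, which is what makes the grouping work, but it also means token frequencies remain visible to anyone holding the protected data set.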
- Deep learning
Deep learning encompasses a number of technologies, such as artificial intelligence and machine learning. Like user behavior analytics, deep learning focuses on anomalous behavior. Use of machine learning can help stamp out the bane of advanced persistent threats. The majority of deep learning applications that we see in the community are usually geared towards fields like marketing, sales, finance, etc. We hardly ever read articles or find resources about deep learning being used to protect these products, and the business, from malware and hacker attacks.
- Endpoint detection and response
Endpoint detection and response solutions allow chief information security officers to detect potential security breaches and react quickly. These tools record endpoint and network events, and the data is continuously searched using known indicators of compromise and machine-learning techniques for early identification of breaches.
- Remote browser
Chief information security officers can address malware delivered via mail, URLs or websites by isolating the browsing function from the endpoint and corporate network. This is done by remotely presenting the browser session from an on-site or cloud-based “browser server.” The server sessions can be reset to a known good state, and this technique reduces the surface area for an attack, shifting the risk to server sessions.
- Pervasive Trust Services
Security models must evolve alongside the projected pervasiveness of the Internet of Things (IoT) and increasing dependency on operational technology. Trust services can manage the needs of billions of devices with limited processing capability. More importantly, trust services are designed to scale and can offer secure provisioning, data integrity, confidentiality, device identity and authentication.
As computer and communications technology develops, the need for information systems security grows with it, and the problem of security must be approached with greater caution. Alongside the development of computer and communication technologies, numerous tools have been developed to protect files and other information. These technologies should help the infosec warriors get the upper hand.